Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Calendly

Authentication & Authorization

Credentials

  • Calendly connects via OAuth 2.0 with authorization code grant flow.
  • Client ID and Client Secret credentials can be obtained during the setup of the Calendly application. See Calendly Connection Instructions.
  • DataGrail uses Refresh Token Flow to periodically update Access Token after it expires to keep the connection alive.
  • Publicly exposing your API credentials can allow unauthorized access to the Calendly API endpoints, and your Calendly data by a third party. DataGrail stores your API credentials encrypted and protected.

Scopes

Calendly API doesn’t require specific scopes that need to be approved by you in order to grant DataGrail read/write access on certain objects necessary to complete privacy requests.

Endpoints Utilized

  • Request authorization:
    • GET https:​//auth.calendly.com/oauth/authorize
  • Get and refresh access token:
    • POST https:​//auth.calendly.com/oauth/token
  • Validate that credentials are good based on a successful response:
    • GET https:​//api.calendly.com/users/me

Limits

DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Access

For an access request, DataGrail will take the following actions:

  • List Organization Invitations - collect a list of Organization invitations with the filtering by the Data Subject email.
  • List Organization Memberships - collect a list of users belonging to an Organization with the filtering by the Data Subject email.
  • List Events - collect a list of the scheduled events with the filtering by the Data Subject email as an invitee email.
  • List Event Invitees - collect a list of scheduled event invitees with the filtering by the Data Subject email as an invitee email.
  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

Endpoints Utilized

  • GET https:​//api.calendly.com/organizations/{uuid}/invitations
  • GET https:​//api.calendly.com/organization_memberships
  • GET https:​//api.calendly.com/scheduled_events
  • GET https:​//api.calendly.com/scheduled_events/{uuid}/invitees
note

DataGrail also supports the Direct Contact Access workflow for Calendly.

Deletion

For a deletion request, DataGrail will take the following actions:

  • Collect Organization Invitations for the given Data Subject Email and delete (revoke) each of them. Please note that if an invitation has been accepted , it cannot be deleted.
  • Collect Organization Memberships for the given Data Subject Email and remove User from Organization.

Endpoints Utilized

  • GET https​://api.calendly.com/organizations/{uuid}/invitations
  • DELETE https​://api.calendly.com/organizations/{org_uuid}/invitations/{uuid}
  • GET https​://api.calendly.com/organization_memberships
  • DELETE https​://api.calendly.com/organization_memberships/{uuid}
note

DataGrail also supports the Direct Contact Deletion workflow for Calendly.

 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.